package com.site.common.filter.handler;

import com.site.common.filter.AbstractBaseFilter;
import com.site.common.filter.wrapper.XssAndSqlRequestWrapper;
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 拦截xss攻击过滤器
 */
@Component
public class ParamXssPassFilter extends AbstractBaseFilter<HttpServletRequest> {

    @Override
    protected HttpServletRequest execute(HttpServletRequest request, HttpServletResponse response, HandlerMethod handlerMethod, ApplicationContext context) {
        XssAndSqlRequestWrapper xssAndSqlRequestWrapper = null;
        try {
            xssAndSqlRequestWrapper = new XssAndSqlRequestWrapper(request);
        } catch (IOException e) {
            logger.error("自定义 XssAndSqlRequestWrapper 对象出错, {}",e);
        }
        return xssAndSqlRequestWrapper;
    }
}
